Documentation
¶
Overview ¶
Package verifiedaccess provides access to the Chrome Verified Access API.
For product documentation, see: https://developers.google.com/chrome/verified-access
Creating a client ¶
Usage example:
import "google.golang.org/api/verifiedaccess/v2" ... ctx := context.Background() verifiedaccessService, err := verifiedaccess.NewService(ctx)
In this example, Google Application Default Credentials are used for authentication.
For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
Other authentication options ¶
To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))
To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
See https://godoc.org/google.golang.org/api/option/ for details on options.
Index ¶
- Constants
- type Challenge
- type ChallengeGenerateCall
- func (c *ChallengeGenerateCall) Context(ctx context.Context) *ChallengeGenerateCall
- func (c *ChallengeGenerateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)
- func (c *ChallengeGenerateCall) Fields(s ...googleapi.Field) *ChallengeGenerateCall
- func (c *ChallengeGenerateCall) Header() http.Header
- type ChallengeService
- type ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
- func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Header() http.Header
- type Empty
- type Service
- type VerifyChallengeResponseRequest
- type VerifyChallengeResponseResult
Constants ¶
const (
// Verify your enterprise credentials
VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
)
OAuth2 scopes used by this API.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Challenge ¶
type Challenge struct {
// AlternativeChallenge: Challenge generated with the old signing key,
// the bytes representation of SignedData (this will only be present
// during key rotation).
AlternativeChallenge string `json:"alternativeChallenge,omitempty"`
// Challenge: Generated challenge, the bytes representation of
// SignedData.
Challenge string `json:"challenge,omitempty"`
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi.ServerResponse `json:"-"`
// ForceSendFields is a list of field names (e.g.
// "AlternativeChallenge") to unconditionally include in API requests.
// By default, fields with empty or default values are omitted from API
// requests. However, any non-pointer, non-interface field appearing in
// ForceSendFields will be sent to the server regardless of whether the
// field is empty or not. This may be used to include empty fields in
// Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AlternativeChallenge") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
Challenge: Result message for VerifiedAccess.CreateChallenge.
func (*Challenge) MarshalJSON ¶
type ChallengeGenerateCall ¶
type ChallengeGenerateCall struct {
// contains filtered or unexported fields
}
func (*ChallengeGenerateCall) Context ¶
func (c *ChallengeGenerateCall) Context(ctx context.Context) *ChallengeGenerateCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ChallengeGenerateCall) Do ¶
func (c *ChallengeGenerateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)
Do executes the "verifiedaccess.challenge.generate" call. Exactly one of *Challenge or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Challenge.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeGenerateCall) Fields ¶
func (c *ChallengeGenerateCall) Fields(s ...googleapi.Field) *ChallengeGenerateCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ChallengeGenerateCall) Header ¶
func (c *ChallengeGenerateCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type ChallengeService ¶
type ChallengeService struct {
// contains filtered or unexported fields
}
func NewChallengeService ¶
func NewChallengeService(s *Service) *ChallengeService
func (*ChallengeService) Generate ¶
func (r *ChallengeService) Generate(empty *Empty) *ChallengeGenerateCall
Generate: Generates a new challenge.
func (*ChallengeService) Verify ¶
func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall
Verify: Verifies the challenge response.
type ChallengeVerifyCall ¶
type ChallengeVerifyCall struct {
// contains filtered or unexported fields
}
func (*ChallengeVerifyCall) Context ¶
func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ChallengeVerifyCall) Do ¶
func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
Do executes the "verifiedaccess.challenge.verify" call. Exactly one of *VerifyChallengeResponseResult or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeVerifyCall) Fields ¶
func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ChallengeVerifyCall) Header ¶
func (c *ChallengeVerifyCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type Empty ¶
type Empty struct {
}
Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
type Service ¶
type Service struct {
BasePath string // API endpoint base URL
UserAgent string // optional additional User-Agent fragment
Challenge *ChallengeService
// contains filtered or unexported fields
}
func New
deprecated
New creates a new Service. It uses the provided http.Client for requests.
Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
func NewService ¶
NewService creates a new Service.
type VerifyChallengeResponseRequest ¶
type VerifyChallengeResponseRequest struct {
// ChallengeResponse: Required. The generated response to the challenge,
// the bytes representation of SignedData.
ChallengeResponse string `json:"challengeResponse,omitempty"`
// ExpectedIdentity: Optional. Service can optionally provide identity
// information about the device or user associated with the key. For an
// EMK, this value is the enrolled domain. For an EUK, this value is the
// user's email address. If present, this value will be checked against
// contents of the response, and verification will fail if there is no
// match.
ExpectedIdentity string `json:"expectedIdentity,omitempty"`
// ForceSendFields is a list of field names (e.g. "ChallengeResponse")
// to unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "ChallengeResponse") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
VerifyChallengeResponseRequest: Signed ChallengeResponse.
func (*VerifyChallengeResponseRequest) MarshalJSON ¶
func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error)
type VerifyChallengeResponseResult ¶
type VerifyChallengeResponseResult struct {
// DevicePermanentId: Device permanent id is returned in this field (for
// the machine response only).
DevicePermanentId string `json:"devicePermanentId,omitempty"`
// DeviceSignal: Device signal in json string representation.
DeviceSignal string `json:"deviceSignal,omitempty"`
// KeyTrustLevel: Device attested key trust level.
//
// Possible values:
// "KEY_TRUST_LEVEL_UNSPECIFIED" - UNSPECIFIED.
// "CHROME_OS_VERIFIED_MODE" - ChromeOS device in verified mode.
// "CHROME_OS_DEVELOPER_MODE" - ChromeOS device in developer mode.
// "CHROME_BROWSER_TPM_KEY" - Chrome Browser with the key stored in
// TPM.
// "CHROME_BROWSER_OS_KEY" - Chrome Browser with the key stored at OS
// level.
KeyTrustLevel string `json:"keyTrustLevel,omitempty"`
// SignedPublicKeyAndChallenge: Certificate Signing Request (in the
// SPKAC format, base64 encoded) is returned in this field. This field
// will be set only if device has included CSR in its challenge
// response. (the option to include CSR is now available for both user
// and machine responses)
SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"`
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi.ServerResponse `json:"-"`
// ForceSendFields is a list of field names (e.g. "DevicePermanentId")
// to unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "DevicePermanentId") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
VerifyChallengeResponseResult: Result message for VerifiedAccess.VerifyChallengeResponse.
func (*VerifyChallengeResponseResult) MarshalJSON ¶
func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error)
Source Files